Single-chip FPGA implementation of a cryptographic co-processor

A secure communications protocol contains a symmetric key cryptosystem, a hash algorithm and a method for providing digital signatures and key exchange using public key cryptography. This work presents an implementation of these core ciphers on a single FPGA. A novel architecture combining a symmetric-key and message authentication algorithm is proposed, with FIFO memory-blocks used as buffers to allow them run in parallel from the same data source. The generation of digital signatures and key exchange using a modular exponentiator core block is also considered. The complete design is implemented on a PCI prototyping card containing a Xilinx Virtex-2000E FPGA and SRAM memory banks. To optimise the data transfer rate between the SRAMs and the FPGA. The memory interface and encryption cores are partitioned into separate clock domains. Comparisons are then made between theoretical results from timing analysis reports and implemented results on the prototyping card.

[1]  M. McLoone,et al.  A single-chip IPSEC cryptographic processor , 2002, IEEE Workshop on Signal Processing Systems.

[2]  Paris Kitsos,et al.  An efficient implementation of the digital signature algorithm , 2002, 9th International Conference on Electronics, Circuits and Systems.

[3]  Kris Gaj,et al.  A 1 Gbit/s Partially Unrolled Architecture of Hash Functions SHA-1 and SHA-512 , 2004, CT-RSA.

[4]  José D. P. Rolim,et al.  An adaptive cryptographic engine for IPSec architectures , 2000, Proceedings 2000 IEEE Symposium on Field-Programmable Custom Computing Machines (Cat. No.PR00871).

[5]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[6]  Pete Chown,et al.  Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS) , 2002, RFC.

[7]  Dan S. Wallach,et al.  Performance analysis of TLS Web servers , 2006, TOCS.

[8]  Pedro C. Diniz,et al.  Synthesis and estimation of memory interfaces for FPGA-based reconfigurable computing engines , 2003, 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines, 2003. FCCM 2003..

[9]  Christof Paar,et al.  An FPGA-based performance evaluation of the AES block cipher candidate algorithm finalists , 2001, IEEE Trans. Very Large Scale Integr. Syst..

[10]  Ingrid Verbauwhede,et al.  A 21.54 Gbits/s fully pipelined AES processor on FPGA , 2004, 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines.

[11]  Jun Rim Choi,et al.  Two implementation methods of a 1024-bit RSA cryptoprocessor based on modified Montgomery algorithm , 2001, ISCAS 2001. The 2001 IEEE International Symposium on Circuits and Systems (Cat. No.01CH37196).